Benchling

Application Security Engineer

Benchling3 months ago
Location

San Francisco, CA

Type

Full Time

Salary

USD 147,000 – 200,000

Level

Senior

Role

Application Security Engineer

Posted

Nov 26, 2025

Full TimeSenior

The role

Summary

Benchling is seeking an Application Security Engineer to join their security team, focusing on developing robust security programs, automating security processes, and protecting sensitive biotechnology data. The ideal candidate will help secure the R&D Cloud platform by implementing advanced security practices, conducting penetration testing, and collaborating with engineering teams to mitigate vulnerabilities.

What you'll do

Security Tool Integration: Build and integrate external and internal security tools into development and build environments to enhance overall security posture.
Security Process Development: Develop lightweight processes to embed security practices throughout the Software Development Life Cycle (SDLC) workflow.
Vulnerability Management: Collaborate with engineering teams to identify, mitigate, and reduce security risks through comprehensive vulnerability assessment.
Code Security Review: Perform thorough code reviews of services and applications to identify and address potential security vulnerabilities.
Security Design and Threat Modeling: Lead security design reviews and conduct threat modeling to proactively identify potential security risks in product development.
Incident Response: Participate in incident response and vulnerability remediation efforts to ensure rapid and effective security problem resolution.
Security Training: Develop and implement secure coding practices and provide training to engineering teams to enhance overall security awareness.
Penetration Testing: Conduct black-box and gray-box penetration testing of applications and services to identify potential security weaknesses.

What we look for

Technical

Application Security ExpertiseMinimum 2+ years of experience in application or product security roles, with hands-on experience in secure code reviews, threat modeling, and penetration testing.
Security Vulnerability ManagementProven experience identifying and resolving web application security vulnerabilities, with specific knowledge of OWASP Top 10 and CWE Top 25 vulnerabilities.
Scripting SkillsProficiency in at least one scripting language, with a strong preference for Python.
Security Domain KnowledgeDeep understanding of browser security models, modern network security, cloud security (preferably AWS), and emerging AI security considerations.

Education

Cybersecurity DegreeBachelor's degree in Computer Science, Cybersecurity, Information Security, or related technical field preferred.

Experience

Security Tool AutomationExperience with security tool integration and automation in development environments.
Vulnerability Risk AssessmentBackground in vulnerability management and risk assessment processes.

Skills

Required skills

Application SecurityComprehensive understanding of web application security principles and practices.
Secure CodingAbility to develop and implement secure coding guidelines and best practices.
CommunicationStrong technical communication skills to explain complex security concepts to diverse audiences.

Nice to have

Cloud SecurityAdvanced knowledge of AWS security configurations and best practices.
Threat ModelingExperience in advanced threat modeling techniques and security design reviews.
AI SecurityUnderstanding of emerging security challenges in AI and machine learning systems.

Compensation & benefits

Salary

USD 147,000 – 200,000 (annual)

Stock options

Available

Benefits

Hybrid Work Arrangement

Flexible work model with 3 days per week in-office collaboration (Monday, Tuesday, Thursday)

Diversity and Inclusion

Commitment to hiring diverse talent and maintaining an inclusive workplace environment

Interview process

  1. 1
    Initial Screening Phone or video call with recruiter to discuss background and role fit
  2. 2
    Technical Interview In-depth discussion of security expertise, problem-solving skills, and technical capabilities
  3. 3
    Security Assessment Practical security challenge or case study to evaluate hands-on skills
  4. 4
    Team Interview Meeting with potential team members to assess cultural and collaborative fit
  5. 5
    Final Interview Discussion with hiring manager to align on role expectations and career goals
Apply for this position

You'll be redirected to the company's application page

Benchling

Benchling

View all jobs

Benchling is a cloud-based platform for life sciences research and development, offering digital solutions for scientific data management, collaboration, and process optimization.

San Francisco, CA, USAFounded 2011benchling.com

Tech Stack

Languages
Python
Tools
AWS
Other
Security Testing Tools
Apply Now

On this page